﻿using System;
using System.Web.Mvc;
using MvcApplication2.Ultilities;

namespace MvcApplication2.Attributes
{
    //[AttributeUsage(AttributeTargets.All, Inherited = true, AllowMultiple = true)]
    public class CustomAuthorizeAttribute : AuthorizeAttribute
    {
        public CustomAuthorizeAttribute()
        {
            /*
             * If Roles = null, will skip check ActiveDirectoryRoleProvider
             * If Roles != null, will check Roles contains in the return values of ActiveDirectoryRoleProvider.GetRolesForUser(). Then if contains -> pass authorize, if not -> call HandleUnauthorizedRequest
             */
            Roles = Constant.ADGroup;
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            filterContext.Result = new RedirectResult("~/Error/AccessDenied");
        }
    }
}